package SV_AUTH_BYPASS_MUST;

import javax.servlet.http.*;

public class Fixed {
    public void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        Map<String, String> result = new HashMap<>();

        if (! AuthenticateUser(request.getParameter("password"), ... )) { // user authentication
            System.out.error("Error: you need to log in first");
        }
       else {
            Cookie loggedIn = new Cookie("loggedIn", "true");
           ...
        }
    }
}
